Calling all innovators – find your future at Fiserv.

We’re Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants, and consumers to one another millions of times a day – quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we’re involved. If you want to make an impact on a global scale, come make a difference at Fiserv.

Job Title

What does a successful Information Security Engineerdo at Fiserv?

The Cyber-Security Engineer is responsible for the management and support of the cyber-security architecture, for both on-premises and Cloud platforms, for one of our Federal Government Customers. This is a broad role that will cover various areas in Cyber-Security Information Security and Defense, Information Risk, and Compliance. Primary focus areas include assessing Cyber-Security/Cyber Defense by analyzing and addressing risks by performing security assessments, application security code reviews, coordinating vulnerability remediation activities, and threat analysis. Maintaining risk management strategies and remediation programs based on business priorities are paramount.

What you will do:

• Manage security solutions in both FISMA HIGH (on-prem) and FedRAMP HIGH Azure cloud environments.
• Analyze and continuously monitor cybersecurity and privacy policies, processes and compliance artifacts, systems authorization.
• Analyze and map existing security controls and safeguards to compliance requirements.
• Maintain a Zero-Trust Architecture as a core part of all design and development activities.
• Assess vulnerabilities and attacker tactics, techniques, and procedures (TTP) and provide incident response support to locate and prevent threats.
• Manage vulnerability management processes and technology used to identify and mitigate vulnerabilities and security issues.
• Validate and triage identified vulnerabilities.
• Contribute to developing and operating the vulnerability life cycle processes, detection, analysis, prioritization, and reporting.
• Analyze vulnerability and related data in support of creating vulnerability prioritization, developing metrics, and risk identification.
• Analyze vulnerability data to measure and improve scan coverage.
• Conduct architecture reviews and security impact assessments for technology and application development initiatives.
• Coordinate application and infrastructure risk mitigation and vulnerability remediation activities.
• Support 3rd party assessment activities.
• Participate in cybersecurity incident response efforts as needed.

What you will need to have:

• Bachelor’s degree in a technology field, master’s degree preferred.
• 5+ years cyber related experience in a commercial or Government environment in a technical information security and risk management role.
• 5+ years managing security policies and initiatives.
• Managing/maintaining FISMA compliance for a government information system in accordance with requirements from NIST and CISA.
• Demonstratable understanding of Information Security and Risk Management capabilities across Windows and Linux, with demonstrated direct experience with the following domains:

• Identity, Credential and Access Management (ICAM)
• Authentication and Authorization including SSO and Identify Federation
• Zero-Trust Model
• Defense-In-Depth
• Governance and Compliance
• Securing Data
• Securing the Operating System
• Protecting the Network Layer
• Continuous Diagnostics and Mitigation, Alerting, Audit Trail, and Incident Response
• Identity Access and Management (IAM) concepts, multifactor authentication, SSO/Federation
• Privileged Access Management (PAM) key concepts

What would be great to have:

• Cloud Experience Desired: {MS Azure Preferred}
• 3+ years’ cyber related experience in a commercial or Government Cloud environment in a technical information security and risk management role.
• 3+ years managing security policies and initiatives in Azure.
• 3+ years’ experience working with the various Azure security tools/platforms such as Sentinel, Defender, Monitor, Key Vault, or similar in other platforms.
• Identity and Access Management (IAM) with Entra ID/Azure Active Directory, posture management, workload protection, SIEM/SOAR, and application software testing.

• Ability to set up and configure the Azure security platforms, and function as an overall lead managing end to end security on the Azure Cloud regions.
• Azure/AWS/Google Training and Certification
  • Microsoft Certifications/Exams recommended: Sc-100 Cybersecurity Architect; Sc-300 Identity and Access Administration; AZ-500 Azure Security Engineer
• Working knowledge of current NIST 800-53 for Azure and FedRAMP High for Azure, Azure CIS Benchmark compliance
• Cloud Core Platform: Compute, Storage, Networking

#LI=RM1

This role is not eligible to be performed in Colorado, California, New York or Washington.

Please note that salary ranges provided for this role on external job boards are salary estimates made by outside parties and may not be accurate.

Thank you for considering employment with Fiserv.  Please:

• Apply using your legal name
• Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).

What you should know about us:

Fiserv is a global fintech leader with 40,000-plus (and growing) associates proudly serving clients in more than 100 countries. As a FORTUNE™ 500 company, one of Fast Company’s Most Innovative Companies, and a top scorer on Bloomberg’s Gender-Equality Index, we are committed to excellence and purposeful innovation.

Our commitment to Diversity and Inclusion:

Fiserv is an Equal Opportunity Employer, and we welcome and encourage diversity in our workforce that reflects our world. All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by law. 

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Warning about fake job posts:

Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information.

Any communications from a Fiserv representative will come from a legitimate business email address. We will not hire through text message, social media, or email alone, and any interviews will be conducted in person or through a secure video call. We won’t ask you for sensitive information nor will we ask you to pay anything during the hiring process. We also won’t send you a check to cash on Fiserv’s behalf.

If you see suspicious activity or believe that you have been the victim of a job posting scam, you should report it to your local FBI field office or to the FBI’s Internet Crime Complaint Center.